Reading session variables from COM+

[jeffctest-google]

We have a LOT of classic ASP pages that call VB6 COM+ DLLs that are
the middle tier between the ASP pages and stored procedures. In the
DLLs, we have been detecting who the current user is by using
functions like GetSecurityCallContext and
GetObjectContext.Security.GetOriginalCallerName(). Due to some
security changes, we need to turn off IIS's Windows Authentication and
make it Anonymous.

The user is determined in ASP and stored in session variables, but
there are thousands of ASP pages that would have to be changed to pass
this information to about 50 DLL's. We're trying to think of a way
that a DLL can retrieve the user's information without having anything
passed to it. Thoughts were being able to read the session variables
directly, cookie, etc. Even just being able to retrieve an integer
value which is the user's ID would be fine.

What's the easiest way we can change the DLL's to retrieve the user's
info without having to change any ASP pages???
Thanks!!

 

[Dr.David]

What's the easiest way we can change the DLL's to retrieve the user's
info without having to change any ASP pages???

Isn't the HTTP header, including cookies/session variables, in the DLL's
environment variables?

 

[jeffctest-google]

You are correct. After some digging after you said that, I found that, I
needed to:
Add as a reference Active Server Pages Library (asp.dll), then in a function:

Dim oRequest As ASPTypeLibrary.Request
Set oRequest = GetObjectContext.Item("Request")
UserName = oRequest.ServerVariables.Item("AUTH_USER") 'just an example of a
server variable

Works great. Thanks!